USN-3368-1: libiberty vulnerabilities<\/p>\n
26th July, 2017<\/em><\/p>\n A security issue affects these releases of Ubuntu and its Several security issues were fixed in libiberty.\n<\/p>\n It was discovered that libiberty incorrectly handled certain string It was discovered that libiberty incorrectly handled parsing certain It was discovered that libiberty incorrectly handled parsing certain The problem can be corrected by updating your system to the following To update your system, please follow these instructions: In general, a standard system update will make all the necessary changes.<\/p>\n CVE-2016-2226<\/a>, <\/p>\n CVE-2016-4487<\/a>, <\/p>\n CVE-2016-4488<\/a>, <\/p>\n CVE-2016-4489<\/a>, <\/p>\n CVE-2016-4490<\/a>, <\/p>\n CVE-2016-4491<\/a>, <\/p>\n CVE-2016-4492<\/a>, <\/p>\n CVE-2016-4493<\/a>, <\/p>\n CVE-2016-6131<\/a><\/p>\n Source: USN-3368-1: libiberty vulnerabilities<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" USN-3368-1: libiberty vulnerabilities Ubuntu Security Notice USN-3368-1 26th July, 2017 libiberty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary Several security issues were fixed in libiberty. Software description libiberty – library of utility functions used by GNU programs Details It was discovered that libiberty incorrectly handled certain stringoperations. If a user or automated system were tricked into processing aspecially crafted binary, a remote attacker could use this issue to causelibiberty to crash, resulting in a denial of service, or possibly executearbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu16.04 LTS. (CVE-2016-2226) It was discovered that libiberty incorrectly handled parsing certainbinaries. If a user or automated system were tricked into processing aspecially crafted binary, a remote attacker could use this issue to causelibiberty to crash, [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-17760","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/17760","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=17760"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/17760\/revisions"}],"predecessor-version":[{"id":17761,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/17760\/revisions\/17761"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=17760"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=17760"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=17760"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}libiberty vulnerabilities<\/h3>\n
\n derivatives:<\/p>\n\n
Summary<\/h3>\n
Software description<\/h3>\n
\n
\n – library of utility functions used by GNU programs<\/p>\n<\/li>\n<\/ul>\nDetails<\/h3>\n
operations. If a user or automated system were tricked into processing a
specially crafted binary, a remote attacker could use this issue to cause
libiberty to crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only applied to Ubuntu 14.04 LTS and Ubuntu
16.04 LTS. (CVE-2016-2226<\/a>)<\/p>\n
binaries. If a user or automated system were tricked into processing a
specially crafted binary, a remote attacker could use this issue to cause
libiberty to crash, resulting in a denial of service. This issue only
applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-4487<\/a>,
CVE-2016-4488<\/a>, CVE-2016-4489<\/a>, CVE-2016-4490<\/a>, CVE-2016-4492<\/a>, CVE-2016-4493<\/a>,
CVE-2016-6131<\/a>)<\/p>\n
binaries. If a user or automated system were tricked into processing a
specially crafted binary, a remote attacker could use this issue to cause
libiberty to crash, resulting in a denial of service. (CVE-2016-4491<\/a>)<\/p>\nUpdate instructions<\/h3>\n
\npackage version:<\/p>\n\n
\n
\n 20161220-1ubuntu0.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 20160215-1ubuntu0.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 20131116-1ubuntu0.2<\/a>
\n <\/span>\n <\/dd>\n<\/dl>\n
\nhttps:\/\/wiki.ubuntu.com\/Security\/Upgrades<\/a>.\n<\/p>\nReferences<\/h3>\n